Total
12555 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2009-1252 | 1 Ntp | 1 Ntp | 2025-04-09 | 6.8 MEDIUM | N/A |
| Stack-based buffer overflow in the crypto_recv function in ntp_crypto.c in ntpd in NTP before 4.2.4p7 and 4.2.5 before 4.2.5p74, when OpenSSL and autokey are enabled, allows remote attackers to execute arbitrary code via a crafted packet containing an extension field. | |||||
| CVE-2009-3235 | 1 Dovecot | 1 Dovecot | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple stack-based buffer overflows in the Sieve plugin in Dovecot 1.0 before 1.0.4 and 1.1 before 1.1.7, as derived from Cyrus libsieve, allow context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted SIEVE script, as demonstrated by forwarding an e-mail message to a large number of recipients, a different vulnerability than CVE-2009-2632. | |||||
| CVE-2008-0106 | 1 Microsoft | 4 Data Engine, Sql Server, Sql Server Desktop Engine and 1 more | 2025-04-09 | 9.0 HIGH | N/A |
| Buffer overflow in Microsoft SQL Server 2005 SP1 and SP2, and 2005 Express Edition SP1 and SP2, allows remote authenticated users to execute arbitrary code via a crafted insert statement. | |||||
| CVE-2009-4177 | 1 Hp | 1 Openview Network Node Manager | 2025-04-09 | 10.0 HIGH | N/A |
| Buffer overflow in webappmon.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via a long HTTP Host header. | |||||
| CVE-2007-1688 | 1 Callisto | 1 Photoparade Player | 2025-04-09 | 9.3 HIGH | N/A |
| Buffer overflow in the PhPInfo ActiveX control in PhPCtrl.dll in Callisto PhotoParade Player allows remote attackers to execute arbitrary code via the FileVersionof property. | |||||
| CVE-2009-3848 | 1 Hp | 1 Openview Network Node Manager | 2025-04-09 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in nnmRptConfig.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via a long Template parameter, related to the vsprintf function. | |||||
| CVE-2008-0778 | 1 Apple | 1 Quicktime | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple stack-based buffer overflows in an ActiveX control in QTPlugin.ocx for Apple QuickTime 7.4.1 and earlier allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via long arguments to the (1) SetBgColor, (2) SetHREF, (3) SetMovieName, (4) SetTarget, and (5) SetMatrix methods. | |||||
| CVE-2007-1659 | 1 Pcre | 1 Pcre | 2025-04-09 | 6.8 MEDIUM | N/A |
| Perl-Compatible Regular Expression (PCRE) library before 7.3 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via regex patterns containing unmatched "\Q\E" sequences with orphan "\E" codes. | |||||
| CVE-2009-0920 | 1 Hp | 1 Network Node Manager | 2025-04-09 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in OvCgi/Toolbar.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via a long OvOSLocale cookie, a variant of CVE-2008-0067. | |||||
| CVE-2008-0646 | 2 Deluge Team, Rasterbar Software | 2 Deluge, Libtorrent | 2025-04-09 | 7.8 HIGH | N/A |
| The bdecode_recursive function in include/libtorrent/bencode.hpp in Rasterbar Software libtorrent before 0.12.1, as used in Deluge before 0.5.8.3 and other products, allows context-dependent attackers to cause a denial of service (stack exhaustion and crash) via a crafted bencoded message. | |||||
| CVE-2007-4748 | 1 Ppstream | 1 Ppstream | 2025-04-09 | 6.8 MEDIUM | N/A |
| Buffer overflow in the PowerPlayer.dll ActiveX control in PPStream 2.0.1.3829 allows remote attackers to execute arbitrary code via a long Logo parameter. | |||||
| CVE-2009-1325 | 1 Mini-stream | 1 Ripper | 2025-04-09 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in Mini-stream Ripper 3.0.1.1 allows remote attackers to execute arbitrary code via a long URI in a playlist (.m3u) file. | |||||
| CVE-2007-4803 | 1 Atomix Productions | 1 Atomixmp3 | 2025-04-09 | 6.8 MEDIUM | N/A |
| Buffer overflow in AtomixMP3 2.3 allows user-assisted remote attackers to execute arbitrary code via long strings in file and title fields in a .pls file, as demonstrated by the (1) File1 and (2) Title1 fields, different vectors than CVE-2006-6287 and CVE-2007-2487. | |||||
| CVE-2009-3837 | 1 Eureka-email | 1 Eureka Email | 2025-04-09 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in Eureka Email 2.2q allows remote POP3 servers to execute arbitrary code via a long error message. | |||||
| CVE-2009-0350 | 1 Merak | 1 Media Player | 2025-04-09 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in Merak Media Player 3.2 allows remote attackers to execute arbitrary code via a long string in a .m3u playlist file, related to the status bar icon's tooltip. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2007-6258 | 2 Apache, F5 | 2 Mod Jk, Big-ip | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple stack-based buffer overflows in the legacy mod_jk2 2.0.3-DEV and earlier Apache module allow remote attackers to execute arbitrary code via a long (1) Host header, or (2) Hostname within a Host header. | |||||
| CVE-2009-3859 | 1 Eeye | 2 Retina Network Security Scanner, Retina Wifi Scanner | 2025-04-09 | 9.3 HIGH | N/A |
| Buffer overflow in eEye Retina WiFi Scanner 1.0.8.68, as used in Retina Network Security Scanner 5.10.14, allows user-assisted remote attackers to cause a denial of service (application crash) or execute arbitrary code via a .rws file with a long RWS010 entry. | |||||
| CVE-2008-2237 | 1 Openoffice | 1 Openoffice.org | 2025-04-09 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in OpenOffice.org (OOo) 2.x before 2.4.2 allows remote attackers to execute arbitrary code via a crafted WMF file associated with a StarOffice/StarSuite document. | |||||
| CVE-2008-0532 | 1 Cisco | 3 Acs For Windows, Acs Solution Engine, User Changeable Password | 2025-04-09 | 10.0 HIGH | N/A |
| Multiple buffer overflows in securecgi-bin/CSuserCGI.exe in User-Changeable Password (UCP) before 4.2 in Cisco Secure Access Control Server (ACS) for Windows and ACS Solution Engine allow remote attackers to execute arbitrary code via a long argument located immediately after the Logout argument, and possibly unspecified other vectors. | |||||
| CVE-2007-4566 | 1 Alpha Centauri Software | 1 Sidvault Ldap Server | 2025-04-09 | 10.0 HIGH | N/A |
| Multiple buffer overflows in the login mechanism in sidvault in Alpha Centauri Software SIDVault LDAP Server before 2.0f allow remote attackers to execute arbitrary code via crafted LDAP packets, as demonstrated by a long dc entry in an LDAP bind. | |||||